REMARKS 

Applicant respectfully requests reconsideration and allowance of the 
subject application. Claims 15, 16, and 43 are canceled without prejudice. New 
claim 49 is added. Claims 1, 4, 6-14, 17-41, 44-47, and 49 are pending in this 
application. 

35 U.S.C. § 103 

Claims 1, 6, 28-32, and 34-38 stand rejected under 35 U.S.C. § 103(a) as 
being unpatentable over U.S. Patent No. 6,047,325 to Jain et al. (hereinafter 
"Jain") in view of U.S. Patent No. 6,141,749 to Coss et al. (hereinafter "Coss") 
and further in view of U.S. Patent No. 5,826,015 to Schmidt (hereinafter 
"Schmidt") and further in view of U.S. Patent No. 6,684,335 to Epstein, III et al. 
(hereinafter "Epstein"). Applicant respectfully submits that claims 1, 6, 28-32, 
and 34-38 are not obvious over Jain in view of Coss and further in view of 
Schmidt and further in view of Epstein. 

Jain is directed to network devices for implementing virtual local area 
networks and virtual private networks (see, col. 1, lines 11-13). As discussed in 
the Abstract of Jain, a network device implements a virtual LAN over 
interconnected computer networks transparent to the computer networks. Using 
authentication and encryption, a secure connection between network devices over 
a public wide area network implements a virtual private network and enables the 
definition of virtual LANs over the virtual private network. 

Coss is directed to methods and apparatus for a computer network firewall 
with stateful packet filtering (see, Title). As discussed in the Abstract of Coss, a 
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firewall can support multiple security policies, multiple users or both, by applying 
any one of several distinct sets of access rules. Dynamic rules may be used in 
addition to pre-loaded access rules in order to simplify rule processing. To 
unburden the firewall of application proxies, the firewall can be enabled to redirect 
a network session to a separate server for processing. 

Schmidt is directed to method and apparatus for secure remote 
programming of firmware and configurations of a computer over a network (see, 
Title). As discussed in the Abstract of Schmidt, a method and related apparatus 
enables one station on a local area network (LAN) to remotely and securely 
modify sensitive information of another station on the LAN. A workstation, 
acting as a remote management console, generates a wake-up packet intended for 
a desktop computer on the LAN. A network interface receives and processes the 
wake-up packet, and issues a signal to wake up the desktop computer. In response 
to the signal, the desktop computer bootstraps. Data indicating that the network 
interface has issued the signal is stored in a register. In the course of 
bootstrapping, the processor examines the register to determine that the network 
interface has initiated the wake-up of the desktop computer. Once this 
determination is made, the write protection circuitry places the BIOS ROM in an 
unprotected state wherein the contents BIOS ROM can e modified by the 
workstation. 

Epstein is directed to a resistance cell architecture (see, Title). As 
discussed in the Abstract of Epstein, each cell in the architecture comprises 
communication equipment such as a cell communication device coupled to one or 
more computers or terminals. Each cell is only permitted to communicate directly 
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with certain predetermined other cells in the architecture. If a cell has a 



communication to be transmitted to a cell to which it does not directly 
communicate, the communication will be sent from one cell to another until the 
communication reaches the intended recipient. 
In contrast, amended claim 1 recites: 



A computing device comprising: 
a set of filters; 

a mapping of virtual addresses to network addresses; and 
a controller, coupled to the set of filters and the mapping, to, 

access, upon receipt of a data packet requested to be 
sent from the computing device to a target device via a 
network, the set of filters and determine whether the data 
packet can be sent to the target device based on whether the 
computing device is allowed to communicate with the target 
device, 

replace, based on the mapping, the target address in the 
data packet with a corresponding target network address; 

forward the data packet to the target device at the 
target network address if it is determined the data packet can 
be sent to the target device; 

prevent the computing device from modifying any of 
the filters in the set of filters, but allow the set of filters to be 
modified by a plurality of remote devices operating at a 
plurality of different managerial levels, a first of the plurality 
of remote devices being a cluster operations management 
console for managing hardware operations of the computing 
device, a second of the plurality of remote devices being an 
application operations management console for managing 
software operations of the computing device; and 

prevent the application operations management 
console from adding any filters to the set of filters that are 
less restrictive than filters added by the cluster operations 
management console. 

Applicant respectfully submits that no such system is disclosed by Jain in view of 
Coss and further in view of Schmidt and further in view of Epstein. 
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In the December 12, 2005 Office Action at p. 3, Schmidt is cited as 
disclosing preventing local users from modifying sensitive/security data and only 
allow authorized remote users to perform modification, and Epstein is cited as 
disclosing a hierarchy in network in which certain node in the network has the 
ability to control many functions and communication behaviors of other nodes. 
However, nowhere in Schmidt or Epstein is there any discussion or mention of a 
first of the plurality of remote devices being a cluster operations management 
console for managing hardware operations of the computing device, and a second 
of the plurality of remote devices being an application operations management 
console for managing software operations of the computing device, much less of a 
controller to prevent the application operations management console from adding 
any filters to the set of filters that are less restrictive than filters added by the 
cluster operations management console as recited in amended claim 1. Without 
any such discussion or mention, Applicant respectfully submits that Schmidt and 
Epstein cannot disclose or suggest the system of amended claim 1 . 

With respect to Jain and Coss, Jain and Coss are not cited as curing, and do 
not cure, these deficiencies of Schmidt and Epstein. Accordingly, for at least these 
reasons, Applicant respectfully submits that amended claim 1 is allowable over 
Jain in view of Coss and further in view of Schmidt and further in view of Epstein. 

With respect to claim 6, given that claim 6 depends from amended claim 1, 
Applicant respectfully submits that claim 6 is likewise allowable over Jain in view 
of Coss and further in view of Schmidt and further in view of Epstein for at least 
the reasons discussed above with respect to amended claim 1 . 
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With respect to amended claim 28, amended claim 28 recites: 
A method comprising: 

maintaining a set of filters that restrict the ability of a 
computing device to communicate with other computing devices; 

allowing multiple remote computing devices, each 
corresponding to a different managerial level, to modify the set of 
filters, the multiple remote computing devices including a cluster 
operations management device for managing hardware operations of 
the computing device, and an application operations management 
device for managing software operations of the computing device; 
and 

preventing the application operations management device 
from modifying the set of filters in a manner that would result in a 
violation of a filter added by the cluster operations management 
device. 

Applicant respectfully submits that no such method is disclosed by Jain in view of 
Coss and further in view of Schmidt and further in view of Epstein. 

Applicant respectfully submits that, similar to the discussion above 
regarding amended claim 1, Jain in view of Coss and further in view of Schmidt 
and further in view of Epstein does not disclose or suggest the multiple remote 
computing devices including a cluster operations management device for 
managing hardware operations of the computing device, and an application 
operations management device for managing software operations of the computing 
device, much less preventing the application operations management device from 
modifying the set of filters in a manner that would result in a violation of a filter 
added by the cluster operations management device as recited in amended 
claim 28. Without any such disclosure or suggestion, Applicant respectfully 
submits that Jain in view of Coss and further in view of Schmidt and further in 
view of Epstein cannot disclose or suggest the method of amended claim 28. 
Accordingly, for at least these reasons, Applicant respectfully submits that 
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amended claim 28 is allowable over Jain in view of Coss and further in view of 
Schmidt and further in view of Epstein. 

With respect to claims 29-32 and 34, given that claims 29-32 and 34 
depend from amended claim 28, Applicant respectfully submits that claims 29-32 
and 34 are likewise allowable over Jain in view of Coss and further in view of 
Schmidt and further in view of Epstein for at least the reasons discussed above 
with respect to amended claim 28. 

With respect to amended claim 35, amended claim 35 recites: 

One or more computer-readable media having stored thereon 
a computer program to implement a multiple-level filter 
administration scheme and including a plurality of instructions that, 
when executed by one or more processors, causes the one or more 
processors to perform acts including: 

allowing a cluster operations management device for 
managing hardware operations of a filtered device to modify a set of 
filters corresponding to the filtered device, the cluster operations 
management device operating at a first of the multiple levels; and 

allowing an application operations management device for 
managing software operations of the filtered device to modify the set 
of filters only if the modification is at least as restrictive as the filters 
imposed by the first computing device, the application operations 
management device operating at a second of the multiple levels. 

Applicant respectfully submits that no such computer-readable media is disclosed 

by Jain in view of Coss and further in view of Schmidt and further in view of 

Epstein. 

Applicant respectfully submits that, similar to the discussion above 
regarding amended claim 1, Jain in view of Coss and further in view of Schmidt 
and further in view of Epstein does not disclose or suggest allowing a cluster 
operations management device for managing hardware operations of a filtered 
device to modify a set of filters corresponding to the filtered device, the cluster 
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operations management device operating at a first of the multiple levels, and 
allowing an application operations management device for managing software 
operations of the filtered device to modify the set of filters only if the modification 
is at least as restrictive as the filters imposed by the first computing device, the 
application operations management device operating at a second of the multiple 
levels as recited in amended claim 35. Without any such disclosure or suggestion, 
Applicant respectfully submits that Jain in view of Coss and further in view of 
Schmidt and further in view of Epstein cannot disclose or suggest the computer- 
readable media of amended claim 35. Accordingly, for at least these reasons, 
Applicant respectfully submits that amended claim 35 is allowable over Jain in 
view of Coss and further in view of Schmidt and further in view of Epstein. 

With respect to claims 36-38, given that claims 36-38 depend from 
amended claim 35, Applicant respectfully submits that claims 36-38 are likewise 
allowable over Jain in view of Coss and further in view of Schmidt and further in 
view of Epstein for at least the reasons discussed above with respect to amended 
claim 35. 

Claims 4, 39, and 44-47 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Jain in view of Coss and further in view of Schmidt and further 
in view of Epstein and further in view of U.S. Patent No. 6,717,949 to Boden et al. 
(hereinafter "Boden"). Applicant respectfully submits that claims 4, 39, and 44-47 
are not obvious over Jain in view of Coss and further in view of Schmidt and 
further in view of Epstein and further in view of Boden. 

Boden is directed to selective masquerading of internal IP addresses among 
a plurality of public IP address (see, col. 1, lines 25-28). As discussed in the 
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Abstract of Boden, a type of NAT (Network Address Translation), called 
masquerade NAT, defines a many-to-one mapping in such a way as to allow the 
'many' to specify subsets of IP addresses. This allows traffic separation, which 
improves throughput to and from external networks (e.g., the Internet), and also 
improves flexibility in IP address management. 

With respect to claim 4, claim 4 depends from amended claim 1 and 
Applicant respectfully submits that claim 4 is allowable over Jain in view of Coss 
and further in view of Schmidt and further in view of Epstein for at least the 
reasons discussed above with respect to amended claim 1 . Boden is not cited as 
curing, and does not cure, the deficiencies of Jain in view of Coss and further in 
view of Schmidt and further in view of Epstein discussed above with respect to 
amended claim 1 . Accordingly, for at least these reasons, Applicant respectfully 
submits that claim 4 is allowable over Jain in view of Coss and further in view of 
Schmidt and further in view of Epstein and further in view of Boden. 

With respect to amended claim 39, amended claim 39 recites: 

A method comprising: 

maintaining an association of virtual addresses and 
corresponding network addresses; 

making a computing device aware of the virtual addresses; 

hiding the network addresses from the computing device; 

receiving, from the computing device, a data packet intended 
for a target computing device corresponding to a target virtual 
address; 

replacing, based on the target virtual address, the target 
virtual address with the corresponding target network address; 

forwarding the data packet to the target computing device at 
the target network address; 

maintaining, at the computing device, a set of filters that 
further restrict the ability of the computing device to communicate 
with other computing devices; 
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allowing the set of filters to be modified from a plurality of 
remote devices, the plurality of remote devices including a cluster 
operations management device for managing hardware operations of 
the computing device and an application operations management 
device for managing software operations of the computing device; 

preventing the application operations management device 
from modifying the set of filters in a manner that would result in a 
violation of a filter added by the cluster operations management 
device; and 

preventing the computing device from modifying the set of 

filters. 

Applicant respectfully submits that no such method is disclosed by Jain in view of 
Coss and further in view of Schmidt and further in view of Epstein and further in 
view of Boden. 

Applicant respectfully submits that, similar to the discussion above 
regarding amended claim 1 , Jain in view of Coss and further in view of Schmidt 
and further in view of Epstein does not disclose or suggest allowing the set of 
filters to be modified from a plurality of remote devices, the plurality of remote 
devices including a cluster operations management device for managing hardware 
operations of the computing device and an application operations management 
device for managing software operations of the computing device, and preventing 
the application operations management device from modifying the set of filters in 
a manner that would result in a violation of a filter added by the cluster operations 
management device as recited in amended claim 39. Without any such disclosure 
or suggestion, Applicant respectfully submits that Jain in view of Coss and further 
in view of Schmidt and further in view of Epstein cannot disclose or suggest the 
method of amended claim 39. With respect to Boden, Boden is not cited as 
curing, and does not cure, the deficiencies of Jain in view of Coss and further in 
view of Schmidt and further in view of Epstein discussed above with respect to 
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amended claim 1 . Accordingly, for at least these reasons, Applicant respectfully 
submits that amended claim 39 is allowable over Jain in view of Coss and further 
in view of Schmidt and further in view of Epstein and further in view of Boden. 

With respect to claim 44, given that claim 44 depends from amended claim 
39, Applicant respectfully submits that claim 44 is likewise allowable over Jain in 
view of Coss and further in view of Schmidt and further in view of Epstein and 
further in view of Boden for at least the reasons discussed above with respect to 
amended claim 39. 

With respect to amended claim 45, amended claim 45 recites: 



A network mediator comprising: 
a mapping of virtual addresses to network addresses; 
a set of filters that restrict the ability of the computing device 
to communicate with other computing devices; and 
a controller, coupled to the mapping, to, 

make a corresponding computing device aware of the 
virtual addresses, 

hide the network addresses from the computing device, 

receive, from the computing device, a data packet 
intended for a target computing device corresponding to a 
target virtual address, 

replace, based on the target virtual address, the target 
virtual address with the corresponding target network address, 

forward the data packet to the target computing device 
at the target network address, 

allow the set of filters to be modified from a plurality 
of remote devices, the plurality of remote devices including a 
cluster operations management device for managing hardware 
operations of the computing device and an application 
operations management device for managing software 
operations of the computing device, 

prevent the application operations management device 
from modifying the set of filters in a manner that would result 
in a violation of a filter added by the cluster operations 
management device, and 
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prevent the computing device from modifying the set 
of filters. 

Applicant respectfully submits that no such network mediator is disclosed by Jain 
in view of Coss and further in view of Schmidt and further in view of Epstein and 
further in view of Boden. 

Applicant respectfully submits that, similar to the discussion above 
regarding amended claim 1, Jain in view of Coss and further in view of Schmidt 
and further in view of Epstein does not disclose or suggest to allow the set of 
filters to be modified from a plurality of remote devices, the plurality of remote 
devices including a cluster operations management device for managing hardware 
operations of the computing device and an application operations management 
device for managing software operations of the computing device, and to prevent 
the application operations management device from modifying the set of filters in 
a manner that would result in a violation of a filter added by the cluster operations 
management device as recited in amended claim 45. Without any such disclosure 
or suggestion, Applicant respectfully submits that Jain in view of Coss and further 
in view of Schmidt and further in view of Epstein cannot disclose or suggest the 
method of amended claim 45. With respect to Boden, Boden is not cited as 
curing, and does not cure, the deficiencies of Jain in view of Coss and further in 
view of Schmidt and further in view of Epstein discussed above with respect to 
amended claim 1. Accordingly, for at least these reasons, Applicant respectfully 
submits that amended claim 45 is allowable over Jain in view of Coss and further 
in view of Schmidt and further in view of Epstein and further in view of Boden. 

With respect to claims 46-47, given that claims 46-47 depend from 
amended claim 45, Applicant respectfully submits that claims 46-47 are likewise 
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allowable over Jain in view of Coss and further in view of Schmidt and further in 
view of Epstein and further in view of Boden for at least the reasons discussed 
above with respect to amended claim 45. 

Claims 7, 9, 19, 20, and 21-24 stand rejected under 35 U.S.C. § 103(a) as 
being unpatentable over Jain in view of Coss and further in view of Schmidt. 
Applicant respectfully submits that claims 7, 9, 19, 20, and 21-24 are not obvious 
over Jain in view of Coss and further in view of Schmidt. 

With respect to amended claim 7, amended claim 7 recites: 

A method comprising: 

maintaining, at a computing device, a set of filters that restrict 
the ability of the computing device to communicate with other 
computing devices; 

allowing the set of filters to be modified by a plurality of 
remote devices operating at a plurality of different managerial levels, 
the plurality of remote devices including a cluster operations 
management device for managing hardware operations of the 
computing device, and an application operations management device 
for managing software operations of the computing device; 

preventing the application operations management device 
from adding any filters to the set of filters that are less restrictive 
than filters added by the cluster operations management device; and 

preventing the computing device from modifying the set of 

filters. 

Applicant respectfully submits that no such method is disclosed by Jain in view of 
Coss and further in view of Schmidt. 

Applicant respectfully submits that, similar to the discussion above 
regarding amended claim 1, Jain in view of Coss and further in view of Schmidt 
does not disclose or suggest allowing the set of filters to be modified by a plurality 
of remote devices operating at a plurality of different managerial levels, the 
plurality of remote devices including a cluster operations management device for 
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managing hardware operations of the computing device, and an application 
operations management device for managing software operations of the computing 
device, much less preventing the application operations management device from 
adding any filters to the set of filters that are less restrictive than filters added by 
the cluster operations management device as recited in amended claim 7. Without 
any such disclosure or suggestion, Applicant respectfully submits that Jain in view 
of Coss and further in view of Schmidt cannot disclose or suggest the method of 
amended claim 7. Accordingly, for at least these reasons, Applicant respectfully 
submits that amended claim 7 is allowable over Jain in view of Coss and further in 
view of Schmidt. 

Accordingly, for at least these reasons, Applicant respectfully submits that 
amended claim 7 is allowable over Jain in view of Coss and further in view of 
Schmidt. 

With respect to claims 9 and 19, given that claims 9 and 19 depend from 
amended claim 7, Applicant respectfully submits that claims 9 and 19 are likewise 
allowable over Jain in view of Coss and further in view of Schmidt for at least the 
reasons discussed above with respect to amended claim 7. 

With respect to amended claim 20, amended claim 20 recites: 

A network mediator comprising: 
a set of filters; and 

a controller, coupled to the set of filters, to, 

access, upon receipt of a data packet requested to be 
sent from a computing device to a target device via a 
network, the set of filters and determine whether the data 
packet can be sent to the target device based on whether the 
computing device is allowed to communicate with the target 
device, 

prevent the computing device from modifying any of 
the filters in the set of filters but allow the set of filters to be 
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modified by a remote cluster operations management console 
for managing hardware operations of the computing device 
and by a remote application operations management console 
for managing software operations of the computing device, 
and 

prevent the remote application operations management 
console from modifying the set of filters to be less restrictive 
than filters added by the remote cluster operations 
management console. 

Applicant respectfully submits that no such method is disclosed by Jain in view of 

Coss and further in view of Schmidt. 

Applicant respectfully submits that, similar to the discussion above 

regarding amended claim 1, Jain in view of Coss and further in view of Schmidt 

does not disclose or suggest to allow the set of filters to be modified by a remote 

cluster operations management console for managing hardware operations of the 

computing device and by a remote application operations management console for 

managing software operations of the computing device, much less to prevent the 

remote application operations management console from modifying the set of 

filters to be less restrictive than filters added by the remote cluster operations 

management console as recited in amended claim 20. Without any such disclosure 

or suggestion, Applicant respectfully submits that Jain in view of Coss and further 

in view of Schmidt cannot disclose or suggest the method of amended claim 20. 

Accordingly, for at least these reasons, Applicant respectfully submits that 

amended claim 20 is allowable over Jain in view of Coss and further in view of 

Schmidt. 

Accordingly, for at least these reasons, Applicant respectfully submits that 
amended claim 20 is allowable over Jain in view of Coss and further in view of 
Schmidt. 
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With respect to claims 21-24, given that claims 21-24 depend from 
amended claim 20, Applicant respectfully submits that claims 21-24 are likewise 
allowable over Jain in view of Coss and further in view of Schmidt for at least the 
reasons discussed above with respect to amended claim 20. 

Claims 8 and 17 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Jain in view of Coss and further in view of Schmidt and further 
in view of U.S. Patent No. 6,266,707 to Boden et al. (hereinafter "Boden2"). 
Applicant respectfully submits that claims 8 and 17 are not obvious over Jain in 
view of Coss and further in view of Schmidt and further in view of Boden2. 

Boden2 is directed to firewall capability for a gateway system, and IP 
network address translation (NAT) and IP filtering with dynamic address 
resolution (see, col. 1, lines 20-23). As discussed in the Abstract of Boden2, 
symbolic interface names are recognized in selected rule statements. A symbolic 
s-rule file is generated from these rule statements which includes symbolic 
interface names. During processing of a packet message, the s-rule file 
corresponding to the interface name in the packet message is processed, with 
symbolic addresses in the s-rule file resolved to the IP addresses obtained from the 
packet message. 

With respect to claims 8 and 17, claims 8 and 17 depend from amended 
claim 7 and Applicant respectfully submits that claims 8 and 17 are allowable over 
Jain in view of Coss and further in view of Schmidt for at least the reasons 
discussed above with respect to amended claim 7. Boden2 is not cited as curing, 
and does not cure, the deficiencies of Jain, Coss, and Schmidt discussed above 
with respect to amended claim 7. Accordingly, for at least these reasons, 
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Applicant respectfully submits that claims 8 and 17 are allowable over Jain in 
view of Coss and further in view of Schmidt and further in view of Boden2. 

Claims 10-14 stand rejected under 35 U.S.C. § 103(a) as being unpatentable 
over Jain in view of Coss and further in view of Schmidt and further in view of 
U.S. Patent No. 6,510,154 to Mayes et al. (hereinafter "Mayes"). Applicant 
respectfully submits that claims 10-14 are not obvious over Jain in view of Coss 
and further in view of Schmidt and further in view of Mayes. 

Mayes is directed to a security system for network address translation 
systems (see, Title). As discussed in the Abstract of Mayes, a system and method 
are provided for translating local IP addresses to globally unique IP addresses. 
This allows local hosts in an enterprise network to share global IP addresses from 
a limited pool of such addresses available to the enterprise. The translation is 
accomplished by replacing the source address in headers on packets destined for 
the Internet and by replacing destination address in headers on packets entering the 
local enterprise network from the Internet. Packets arriving from the Internet are 
screened by an adaptive security algorithm. According to this algorithm, packets 
are dropped and logged unless they are deemed nonthreatening. DNS packets and 
certain types of ICMP packets are allowed to enter local network. In addition, 
FTP data packets are allowed to enter the local network, but only after it has been 
established that their destination on the local network initiated an FTP session. 

With respect to claims 10-14, claims 10-14 depend from amended claim 7 
and Applicant respectfully submits that claims 10-14 are allowable over Jain in 
view of Coss and further in view of Schmidt for at least the reasons discussed 
above with respect to amended claim 7. Mayes is not cited as curing, and does not 



31 



Application No. 09/695,821 



cure, the deficiencies of Jain, Coss, and Schmidt discussed above with respect to 
amended claim 7. Accordingly, for at least these reasons, Applicant respectfully 
submits that claims 10-14 are allowable over Jain in view of Coss and further in 
view of Schmidt and further in view of Mayes. 

Claims 15 and 16 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Jain in view of Coss and further in view of Schmidt and further 
in view of Epstein. As part of this response, claims 15 and 16 are canceled 
without prejudice, thereby rendering the rejection of claims 15 and 16 moot. 

Claims 18 and 25-27 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Jain in view of Coss and further in view of Schmidt and further 
in view of U.S. Patent No. 6,510,509 to Chopra et al. (hereinafter "Chopra"). 
Applicant respectfully submits that claims 18 and 25-27 are not obvious over Jain 
in view of Coss and further in view of Schmidt and further in view of Chopra. 

Chopra is directed to methods and apparatus for network gateway devices 
that implement firewall, IP routing, quality of service, load balancing, and/or 
network address translation rules (see, col. 1, lines 7-10). As discussed in the 
Abstract of Chopra, a high-speed rule processing apparatus is disclosed that may 
be used to implement a wide variety of rule processing tasks such as network 
address translation, firewall protection, quality of service, IP routing, and/or load 
balancing. The high-speed rule processor uses an array of compare engines that 
operate in parallel. 

With respect to claim 18, claim 18 depends from amended claim 7 and 
Applicant respectfully submits that claim 1 8 is allowable over Jain in view of Coss 
and further in view of Schmidt for at least the reasons discussed above with 
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respect to amended claim 7. Chopra is not cited as curing, and does not cure, the 
deficiencies of Jain, Coss, and Schmidt discussed above with respect to amended 
claim 7. Accordingly, for at least these reasons, Applicant respectfully submits 
that claim 4 is allowable over Jain in view of Coss and further in view of Schmidt 
and further in view of Chopra. 

With respect to claim 25, claim 25 depends from amended claim 20 and 
Applicant respectfully submits that claim 25 is allowable over Jain in view of Coss 
and further in view of Schmidt for at least the reasons discussed above with 
respect to amended claim 20. Chopra is not cited as curing, and does not cure, the 
deficiencies of Jain, Coss, and Schmidt discussed above with respect to amended 
claim 20. Accordingly, for at least these reasons, Applicant respectfully submits 
that claim 25 is allowable over Jain in view of Coss and further in view of Schmidt 
and further in view of Chopra. 

With respect to claims 26 and 27, given that claims 26 and 27 depend from 
claim 25, Applicant respectfully submits that claims 26 and 27 are likewise 
allowable over Jain in view of Coss and further in view of Schmidt and further in 
view of Chopra for at least the reasons discussed above with respect to claim 25. 

Claim 33 stands rejected under 35 U.S.C. § 103(a) as being unpatentable 
over Jain in view of Coss and further in view of Schmidt and further in view of 
Epstein and further in view of Chopra. Applicant respectfully submits that claim 
33 is not obvious over Jain in view of Coss and further in view of Schmidt and 
further in view of Chopra. 

Claim 33 depends from amended claim 28 and Applicant respectfully 
submits that claim 33 is allowable over Jain in view of Coss and further in view of 
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Schmidt and further in view of Epstein for at least the reasons discussed above 
with respect to amended claim 28. Chopra is not cited as curing, and does not 
cure, the deficiencies of Jain, Coss, Schmidt, and Epstein discussed above with 
respect to amended claim 28. Accordingly, for at least these reasons, Applicant 
respectfully submits that claim 33 is allowable over Jain in view of Coss and 
further in view of Schmidt and further in view of Chopra. 

Claims 40 and 41 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Jain in view of Coss and further in view of Schmidt and further 
in view of Epstein and further in view of Boden and further in view of U.S. Patent 
No. 6,728,885 to Taylor et al. (hereinafter "Taylor"). Applicant respectfully 
submits that claims 40 and 41 are not obvious over Jain in view of Coss and 
further in view of Schmidt and further in view of Epstein and further in view of 
Boden and further in view of Taylor. 

Taylor is directed to firewall technology in packet switched networks for 
adaptively providing a plurality of security levels (see, col. 1, lines 12-14). As 
discussed in the Abstract of Taylor, the method comprises the step of receiving a 
first communication packet on at least one network interface port from an outside 
network, and further includes the steps of filtering the first packet in one of at least 
two levels of security comprising a first level of security which examines the 
content information of the packet and a second level of security which examines 
the first packet excluding the content information of the packet. 

With respect to claims 40 and 41, claims 40 and 41 depend from amended 
claim 39 and Applicant respectfully submits that claims 40 and 41 are allowable 
over Jain in view of Coss and further in view of Schmidt and further in view of 
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Epstein and farther in view of Boden for at least the reasons discussed above with 
respect to amended claim 39. Taylor is not cited as curing, and does not cure, the 
deficiencies of Jain, Coss, Schmidt, Epstein, and Boden discussed above with 
respect to amended claim 39. For at least these reasons, Applicant respectfully 
submits that claims 40 and 41 are allowable over Jain in view of Coss and further 
in view of Schmidt and further in view of Epstein and further in view of Boden 
and further in view of Taylor. 

Claim 43 stands rejected under 35 U.S.C. § 103(a) as being unpatentable 
over Jain in view of Coss and further in view of Schmidt and further in view of 
Epstein and further in view of Boden. As part of this response, claim 43 is 
canceled without prejudice, thereby rendering the rejection of claim 43 moot. 

Applicant respectfully requests that the §103 rejections be withdrawn. 

New Claims 

New claim 49 is added to the subject application. 

With respect to new claim 49, new claim 49 depends from amended claim 1 
and Applicant respectfully submits that new claim 49 is allowable over the cited 
references for at least the reasons discussed above with respect to amended 
claim 1 . Furthermore, Applicant respectfully submits that the cited references do 
not disclose or suggest a computing device as recited in claim 1, the computing 
device including a processor that supports multiple privilege levels, and the 
controller being implemented in a most privileged level of the multiple privilege 
levels as recited in new claim 49. Accordingly, for at least these reasons, 
Applicant respectfully submit that claim 49 is allowable over the cited references. 
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Conclusion 

Claims 1, 4, 6-14, 17-41, 44-47, and 49 are in condition for allowance. 
Applicant respectfully requests reconsideration and issuance of the subject 
application. Should any matter in this case remain unresolved, the undersigned 
attorney respectfully requests a telephone conference with the Examiner to resolve 
any such outstanding matter. 



Respectfully Submitted, 





Allan T. Sponseller 
Reg. No. 38,318 
(509) 324-9256 
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